Network World

Neglecting identity management

It's time to make the switch from passwords to two-factor authentication
By David Piscitello, Network World, 08/28/2006

Many midsized companies won’t consider identity management, because they think it is too difficult to deploy, too expensive to purchase and implement, and too complicated to administer and maintain.

The problem is that it’s precisely when companies grow to midmarket ($150 million to $1 billion) that user accounts seem to multiply like rabbits, and “password management” requires a disproportionate percentage of security budgets and manpower.

Postponing an investment in some form of unified account or identity management often proves to be one of the most common — and costly — mistakes in security today.

User accounts are like mold: Left unattended, their numbers grow unabated. The number of user accounts per employee increases because companies must expand their application mix to remain competitive, comply with regulatory guidelines, improve marketing and merchandising, and collaborate effectively.

This is a common consequence of growth, but in my experience it rarely occurs without adding considerable user account and authentication overhead. The reasons are easy to identify and nearly impossible to avoid: Many applications use disparate or proprietary authentication methods and databases, and finding a single authentication platform that’s supported by every application is nearly impossible.

The results are too frequently the same. Users have multiple accounts and must contend with multiple authentication procedures and interfaces. Employee productivity and willingness to comply with password security policies deteriorate over time as frustration sets in over having to flog through multiple authentication challenges to complete work.

IT struggles to create, maintain, archive and delete accounts across diverse authentication databases in a timely manner, that is, before credentials can be abused by disgruntled employees or exploited by attackers. In most cases, IT spends time helping employees with password issues that could be more productively applied to patch management and other proactive desktop-security measures.
